Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

RE: Writing Secure code

From: Matt McClellan <mcc(at)nfr.com>
Date: Fri Dec 27 2002 - 15:59:44 EST

I would explicitly qualify "not exploitable" as "not exploitable in a given environment". Developers will generally have to make some assumptions when writing code. Take that code to an environment where one of the assumptions is invalid and there might be an exploit. I don't see how writing something that is absolutely "not exploitable" is any more possible than "total security".

--Matt

> -----Original Message-----
Received on Fri Dec 27 22:38:01 2002

This message: [ Message body ]
Next message: John Viega: "Re: Writing Secure code"
Previous message: Bob Bruen: "Re: Writing Secure code"
In reply to: John Viega: "Re: Writing Secure code"
In reply to Oscar Batyrbaev: "RE: SHA-1 vs. triple-DES for password encryption?"
Next in thread: John Viega: "Re: Writing Secure code"
Reply: John Viega: "Re: Writing Secure code"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:44 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library